Skip to main content
Menu Icon Menu Icon
Close

InfoBytes Blog

Financial Services Law Insights and Observations

Filter

Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.

  • SEC amends whistleblower program rules

    Securities

    On February 10, the SEC announced two amendments to the rules regarding its whistleblower program. According to the SEC, the first proposed amendment concerns award claims for related actions that would be otherwise covered by an alternative whistleblower program. The amendment would allow the Commission to pay whistleblower awards for certain actions brought by other entities, including designated federal agencies, in cases where those awards might otherwise be paid under the other entity's whistleblower program. The second amendment would affirm the Commission's authority under Rule 21F-6 to consider the dollar amount of a potential award for the limited purpose of increasing the award amount, and would eliminate the Commission’s authority to consider the dollar amount of a potential award for the purpose of decreasing an award. Comments are due 60 days after publication of the proposing release on the SEC’s website or 30 days after publication in the Federal Register.

    Securities Whistleblower Agency Rule-Making & Guidance SEC

    Share page with AddThis
  • SEC to update beneficial ownership reporting requirements

    Securities

    On February 10, the SEC proposed amendments to its rules governing beneficial ownership reporting under Exchange Act Sections 13(d) and 13(g) in order to “improve transparency and provide more timely information for shareholders and the market.” (See also SEC fact sheet here.) Among other things, the proposed rule would (i) accelerate the filing deadlines for Schedules 13D and 13G beneficial ownership reports from 10 days to five days (amendments would be required to be filed within one business day); (ii) expand the application of Regulations 13D and 13G to certain derivative securities; (iii) clarify the circumstances in which two or more persons have formed a “group” that would be subject to beneficial ownership reporting obligations; (iv) allow for new exemptions “to permit certain persons to communicate and consult with one another, jointly engage issuers, and execute certain transactions without being subject to regulation as a ‘group’”; and (v) require Schedules 13D and 13G filings to be done through a “structured, machine-readable data language.” Comments are due 30 days after publication in the Federal Register, or April 11, whichever is later. SEC Chair Gary Gensler issued a statement supporting the proposed amendments, which “would reduce information asymmetries and promote transparency, thereby lowering risk and illiquidity,” citing the “rapidity of current markets and technologies” as justification for updating the decades-old rules. However, SEC Commissioner Hester M. Peirce dissented, arguing that the proposed amendments fail to fully contend “with the realities of today’s markets or the balance embodied in Section 13(d) of the Exchange Act.” She further challenged the justification of technological advancements as a reason to shorten the 10-day reporting window to five days.

    Securities Agency Rule-Making & Guidance Beneficial Ownership SEC Securities Exchange Act

    Share page with AddThis
  • SEC proposes cybersecurity risk management rules and amendments

    Securities

    On February 9, a divided SEC voted to release proposed cybersecurity risk management rules and amendments to certain requirements for registered investment advisers and funds. (See SEC fact sheet here.) Commissioner Hester Peirce voted against the proposal, stressing that because “an adviser’s or fund’s system has been successfully breached should not lead us to the immediate conclusion that that adviser or fund was lax in its efforts to protect client data and funds.” She added that “[a]bsent circumstances that suggest deliberate or reckless disregard of known vulnerabilities by the firm, we should resist the temptation to pile on with an enforcement action after a breach.”

    Under the proposed rules, advisers and funds would be required to adopt and implement written policies and procedures reasonably designed to address cybersecurity risks that could harm advisory clients and fund investors. Advisers would also be required to file a confidential report for a significant cybersecurity incident to the SEC on a new form. Additionally, advisers and funds must also publicly disclose cybersecurity risks and significant cybersecurity incidents that occurred in the last two fiscal years “that have significantly disrupted or degraded the adviser’s ability to maintain critical operations, or that have led to the unauthorized access or use of adviser information, resulting in substantial harm to the adviser or its clients in their brochures and registration statements.” Advisers and funds would be required to comply with new cybersecurity-related recordkeeping requirements to assist SEC inspection and enforcement capabilities. Comments on the proposal are due 60 days following publication on the SEC’s website or 30 days after publication in the Federal Register, whichever period is longer.

    Securities Privacy/Cyber Risk & Data Security SEC Agency Rule-Making & Guidance Risk Management Disclosures

    Share page with AddThis
  • Judgments reached in SEC’s first crowdfunding regulation enforcement action

    Securities

    On January 28, the U.S. District Court for the Eastern District of Michigan issued judgments (see here and here) against a real estate company and its CEO in the SEC’s first crowdfunding regulation enforcement action. As previously covered by InfoBytes, the SEC filed a complaint last September alleging that several entities and related individuals participated in a fraudulent scheme to sell nearly $2 million of unregistered securities through two crowdfunding offerings. The complaint alleged that two of the entities issued securities without registering with the SEC, while their principals diverted investor funds for personal use rather than using the funds for the disclosed purposes. Without admitting or denying the SEC’s allegations, the real estate company and the CEO consented to be permanently enjoined from violating certain securities laws. The CEO also agreed to a prohibition on “acting as an officer or director of any issuer that has a class of securities registered pursuant to Section 12 of the Exchange Act [15 U.S.C. § 78l] or that is required to file reports pursuant to Section 15(d) of the Exchange Act [15 U.S.C. § 78o(d)].” The judgments decreed that, upon motion of the SEC, the court will decide whether disgorgement and/or civil money penalties are appropriate.

    Securities Enforcement SEC Crowdfunding Courts Securities Act Securities Exchange Act

    Share page with AddThis
  • SEC: Taking remedial actions may help companies avoid penalties

    Securities

    On January 28, the SEC announced a settlement subject to court approval with a private technology company to resolve allegations that the company, through its former CEO, falsely inflated key financial metrics and doctored internal sales records. The complaint, which alleged violations of the antifraud provisions of the Securities Act of 1933 and the Securities Exchange Act of 1934, claimed that the CEO significantly inflated the value of numerous customer deals, and then masked the inflation by creating fake invoices and altering real invoices to make it seem as if customers had been billed higher amounts. The company’s board of directors conducted an internal investigation, which led to the removal of the CEO, a revised company valuation, and remedial efforts including repaying investors. The company also hired new senior management, expanded its board, and implemented processes and procedures to ensure transparency and accuracy of deal reporting and associated revenues. While the company neither admitted nor denied the allegations, it agreed to be permanently enjoined from violations of the antifraud provisions. The SEC highlighted that the lack of a penalty in the settlement is significant, and demonstrates the Commission’s position that a company may receive credit if it makes significant remedial efforts in the wake of an internal investigation. “For companies wondering what types of remedial actions and cooperation might be credited by the Commission after a company uncovers fraud, this case offers an excellent example,” stated Gurbir S. Grewal, Director of the SEC’s Division of Enforcement. “[The company’s] remediation and cooperation included not just its internal investigation and revised valuation, but also repaying harmed investors and improving its governance—all of which were factors that counseled against the imposition of a penalty in this case.” 

    Securities Enforcement SEC Settlement Fraud Securities Act Securities Exchange Act

    Share page with AddThis
  • FINRA fines securities firm $20,000 for AML violations

    Securities

    On January 20, the Financial Industry Regulatory Authority (FINRA) entered into a Letter of Acceptance, Waiver, and Consent (AWC), which requires a securities firm to pay a $20,000 fine for allegedly failing to: (i) establish and implement anti-money laundering (AML) policies and procedures reasonably expected to detect and cause the reporting of suspicious activity; (ii) conduct an independent AML test; and (iii) obtain the signature of a principal at the firm evidencing supervisory review and approval of the opening of customer accounts. According to the AWC, in 2018, “following a change in majority ownership, the firm’s business model shifted, and it began to service high-net worth international customers, many of whom were citizens or residents of jurisdictions that posed a heightened risk of money laundering or were considered bank secrecy havens.” The firm allegedly “failed to tailor its AML program to the firm’s new, higher-risk business model,” FINRA stated. The firm did not admit nor deny the findings as part of the AWC but agreed to a censure, among other things.

    Securities FINRA Anti-Money Laundering Enforcement Financial Crimes

    Share page with AddThis
  • SEC chair considers updating cybersecurity rules

    Securities

    On January 24, SEC Chair Gary Gensler discussed the agency’s cybersecurity policy work before the Northwestern Pritzker School of Law’s Annual Securities Regulation Institute. Gensler commented that the SEC is working to improve the overall cybersecurity resiliency of the financial sector with a focus on four groups of entities, including broker-dealers and investment companies, public companies, service providers that are not necessarily registered with the agency but that work with SEC financial sector registrants, and the SEC itself. Areas that may benefit from being “freshen[ed] up” include SEC regulations related to systems compliance and integrity (which focus on reducing the occurrence of system issues and improving resiliency), as well as cyber “hygiene” and incident reporting requirements. With respect to data privacy, Gensler commented that there may be opportunities to modernize and expand Regulation S-P, which requires registered broker-dealers, investment companies, and investment advisers to protect customer records and information. Noting that Regulation S-P was adopted more than two decades ago, Gensler has also asked SEC staff to provide “recommendations about how customers and clients receive notifications about cyber events when their data has been accessed,” including breaches of personally identifiable information. He stated that recommendations could also include changes to the timing and substance of notifications currently required under Regulation S-P. Gensler also asked for recommendations on whether and how to update public companies’ cybersecurity practices and cyber risk disclosures. He also noted that the SEC needs to explore and address cybersecurity risks arising from service providers, adding that measures “could include holding registrants accountable for service providers’ cybersecurity measures with respect to protecting against inappropriate access and investor information.”

    Securities Privacy/Cyber Risk & Data Security SEC Data Breach Agency Rule-Making & Guidance

    Share page with AddThis
  • FINRA fines securities firm $9 million over customer protection violations

    Securities

    On January 20, the Financial Industry Regulatory Authority (FINRA) announced it had entered into a Letter of Acceptance, Waiver, and Consent (AWC), which requires a securities firm to pay a $9 million fine for allegedly failing to (i) maintain proper control of excess margin securities it carried on behalf of customers; (ii) store electronic brokerage records in the required non-erasable, “write once, read many” format (known as “WORM”); (iii) disclose potential conflicts of interest when publishing research reports; and (iv) implement and enforce a supervisory system to ensure compliance with federal securities law and FINRA rules. FINRA claimed that among the alleged violations, the firm failed to preserve approximately 18.6 billion records in the required WORM format, which affected applications, “including those related to accounts payable and receivable, fingerprint records, customer account records, general ledger/trial balances, order and trade tickets, trade confirmations, and wire instructions.” According to FINRA, although the firm understood the requirement to store records in WORM format, it allegedly had no supervisory procedures in place to ensure compliance. The firm did not admit nor deny the findings as part of the AWC but has agreed to a censure and will pay the fine. Additionally, the firm is required to certify that it has implemented reasonably designed supervisory systems and procedures to comply with federal securities laws and FINRA rules and requirements.

    Securities FINRA Enforcement Privacy/Cyber Risk & Data Security Securities Exchange Act

    Share page with AddThis
  • FINRA adopts securities-based swap amendments

    Securities

    On January 20, the Financial Industry Regulatory Authority (FINRA) issued Regulatory Notice 22-03, adopting amendments to certain FINRA rules and clarifying their application to security-based swaps (SBS). According to FINRA, Rule 0180 replaces expiring temporary Rule 0180 and generally applies FINRA rules to members’ activities and positions with respect to SBS, with limited exceptions. FINRA also amended its financial responsibility and operational rules to conform to the SEC’s SBS-related capital, margin, and segregation requirements. The amendments are effective February 6. In addition, FINRA adopted a SBS-specific margin rule, Rule 4240 (Security-Based Swap Margin Requirements), which replaces the expiring interim pilot program establishing margin requirements for credit default swaps. The new margin rule, along with related amendments to Rules 4210 (Margin Requirements) and 4220 (Daily Record of Required Margin), are effective April 6.

    Securities Agency Rule-Making & Guidance FINRA Swaps

    Share page with AddThis
  • SEC issues $40 million in whistleblower awards

    Securities

    On January 20, the SEC announced whistleblower awards totaling over $40 million to four individuals for providing information and assistance in three separate covered actions. According to the first redacted order, the SEC awarded approximately $37 million to two joint whistleblowers for providing evidence and ongoing assistance throughout the investigation, in addition to helping Commission staff identify information that contributed to the success of the action. According to the second redacted order, the SEC awarded approximately $1.8 million to an individual who provided information that prompted Commission staff to open the investigation. Additionally, the whistleblower continued to provide assistance by participating in interviews and giving additional documents. In the third redacted order, the SEC awarded approximately $1.5 million to a whistleblower for providing new information for Commission staff’s investigative strategy and significantly contributing to the success of the action. In addition, the whistleblower provided substantial and ongoing assistance by helping the Commission staff identify issues.

    The SEC has awarded approximately $1.2 billion to 245 individuals since issuing its first award in 2012.

    Securities SEC Whistleblower Enforcement Investigations

    Share page with AddThis

Pages